14 Jul 2020 • Alex Harley
Portabella is an end-to-end encrypted, privacy-preserving project management platform. We don’t see any of your core data (such as project names, task titles, comments, descriptions) and believe that in today’s day and age, most applications don’t actually need to see your data. You can read more about what we encrypt in our blog post.
Current security landscape
In 2020, most browsers enforce connections over Transport Layer Security (TLS). Originally published in 1999 as a successor to Secure Sockets Layer (SSL), TLS is a protocol for providing security, privacy and data integrity for communication over the web. TLS combined with third-party certificate authorities gives modern browser users the peace of mind that when they visit https://domain.com, only domain.com and they can see the data being transferred.
We won’t get into the specifics of TLS in this blog post, but it boils down to the browser and server agreeing on a shared symmetric key to use for communication.
How does end-to-end encryption fit in?
For a long time this has been simultaneously good enough and yet sometimes not enough. We’re seeing more and more that securing the pipe itself is only half the effort: we shouldn’t need to trust who’s on the other end of it.
Let’s take the example of Bob interacting with https://bank.com. Bob isn’t going to use bank.com unless he can interact with it over TLS. Most modern browsers either alert you to the fact that you’re not browsing with TLS, or don’t let you interact with the page at all. At the highest level the bank does a few things for Bob:
- allows him to read his balance
- lets him make transfers into and out of his accounts
- lets others make transfers into his account.
In this context it doesn’t make sense for Bob’s data to be end-to-end encrypted. If the bank couldn’t see his balance they wouldn’t be able to approve transfers, allow an overdraft or even apply deposits to his account.
So end-to-end encryption can’t be used for all applications on the web, but let’s think about where it does make sense.
When messaging one-to-one or in groups, end-to-end encryption should be the default. When Bob talks to Alice it doesn’t make sense that the platform can see their messages. This is a well understood problem and in recent years we’ve seen many solutions pop up in the space. Riot, Telegram and Signal spring to mind when thinking of end-to-end encrypted messaging platforms.
Storing data in the cloud is a no-brainer for many situations; backing up data on USB sticks and hard drives scattered around your house is often a recipe for disaster. Once data is stored in the cloud with a trusted provider, backups, replication and high availability come with a minimal yearly cost. Despite this, you don’t want anyone looking at all the photos or documents you upload into your personal cloud, so it makes sense to encrypt these so only you can view them. Tresorit is a great company providing encryption with support for not just browsers, but native apps for all major platforms (Android, iOS, Windows, Mac, etc).
This is a kind of catch-all category for platforms where the platform or website is just providing you an avenue to collaborate with others. Think group applications (not necessarily social media), an interactive whiteboard application, customer feedback portals and project management platforms. For these applications it doesn’t make sense that Big Co. can see your data, so why should they? That’s where Portabella comes in.
How it works
Let’s take a look at the most basic flow we can think of: signing up, creating a board and then making some changes to it.
The flow chart is pretty self-explanatory if you have an understanding of asymmetric and symmetric encryption. Once Bob has a key pair generated in his browser he can store the encrypted symmetric key in Portabella’s servers. This means from whatever computer he uses, he’ll be able to see his project.
A more complicated example is collaboration: when your data is end-to-end encrypted, how do you allow another user access to your project? Let’s take a look at the below flow chart. For brevity, assume the steps above have already taken place.
What happens here is that with Alice’s public key, Bob (as an admin) encrypts the project key and saves it in Portabella’s database. He then broadcasts to Alice that the key is available. She can then fetch and decrypt the project key with her private key. After this she has full read access to the board.
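The two flows described above (Bob storing his wrapped project key, then sharing it with Alice) can be sketched with the browser's WebCrypto API. This is an added example, not Portabella's code: RSA-OAEP and AES-GCM are assumed algorithm choices, and the `server` object, function names and sample task title are constructed for illustration.

```javascript
// Added example. RSA-OAEP and AES-GCM are assumed algorithm choices.
const wc = globalThis.crypto || require('node:crypto').webcrypto;
const RSA = { name: 'RSA-OAEP', modulusLength: 2048,
              publicExponent: new Uint8Array([1, 0, 1]), hash: 'SHA-256' };
const AES = { name: 'AES-GCM', length: 256 };

// Each user generates a key pair on their own device; only the public half is shared.
const newUserKeyPair = () => wc.subtle.generateKey(RSA, false, ['wrapKey', 'unwrapKey']);
// The symmetric project key must be extractable so it can be wrapped for members.
const newProjectKey = () => wc.subtle.generateKey(AES, true, ['encrypt', 'decrypt']);

// Encrypt the project key to one member's public key; the server stores only this blob.
const wrapFor = (projectKey, publicKey) =>
  wc.subtle.wrapKey('raw', projectKey, publicKey, { name: 'RSA-OAEP' });
// Recover the project key; pass extractable=true only for admins who re-share it.
const unwrapWith = (wrapped, privateKey, extractable) =>
  wc.subtle.unwrapKey('raw', wrapped, privateKey, { name: 'RSA-OAEP' },
                      AES, extractable, ['encrypt', 'decrypt']);

async function encryptField(projectKey, text) {
  const iv = wc.getRandomValues(new Uint8Array(12)); // fresh 96-bit nonce per field
  const data = new TextEncoder().encode(text);
  return { iv, ct: await wc.subtle.encrypt({ name: 'AES-GCM', iv }, projectKey, data) };
}
async function decryptField(projectKey, { iv, ct }) {
  const pt = await wc.subtle.decrypt({ name: 'AES-GCM', iv }, projectKey, ct);
  return new TextDecoder().decode(pt);
}

async function demo() {
  const [bob, alice, outsider] = await Promise.all(
    [newUserKeyPair(), newUserKeyPair(), newUserKeyPair()]);
  const server = {}; // constructed stand-in for the platform database: ciphertext only
  // Sign-up and board creation: Bob wraps a new project key to himself.
  const projectKey = await newProjectKey();
  server.bobKey = await wrapFor(projectKey, bob.publicKey);
  server.task = await encryptField(projectKey, 'Ship v2 roadmap');
  // Sharing: Bob unwraps his copy and re-wraps it to Alice's public key.
  const bobsCopy = await unwrapWith(server.bobKey, bob.privateKey, true);
  server.aliceKey = await wrapFor(bobsCopy, alice.publicKey);
  // Alice fetches her wrapped copy and decrypts the task title.
  const alicesCopy = await unwrapWith(server.aliceKey, alice.privateKey, false);
  const aliceReads = await decryptField(alicesCopy, server.task);
  // A key pair that was never given a wrapped copy cannot unwrap Alice's.
  const outsiderBlocked = await unwrapWith(server.aliceKey, outsider.privateKey, false)
    .then(() => false, () => true);
  return { aliceReads, outsiderBlocked, wrappedKeyBytes: server.aliceKey.byteLength };
}
demo().then(console.log);
```

In a design like this the server delivers Alice's public key to Bob, so the confidentiality of the project key depends on Bob having some way to confirm that the key he wraps to is really hers.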
Thanks for reading!
That’ll conclude today’s blog post; hopefully it answers any questions you may have around privacy at Portabella. If you have any more questions please reach out to me at [email protected]